SecurityFocus has an interesting story about someone auctioning an Excel vulnerability on eBay. The auction was shutdown and Microsoft is investigating the vulnerability. Something tells me the author was the not the person running the auction, but stranger things have happened.